Overview

overview

10

Static

static

7

b6b59a54d6...0e.apk

android-9-x86

10

b6b59a54d6...0e.apk

android-10-x64

10

b6b59a54d6...0e.apk

android-11-x64

10

callout_11_shadow.xml

windows7-x64

1

callout_11_shadow.xml

windows10-2004-x64

3

callout_7_overlay.xml

windows7-x64

1

callout_7_overlay.xml

windows10-2004-x64

3

callout_8_overlay.xml

windows7-x64

1

callout_8_overlay.xml

windows10-2004-x64

1

callout_cloud.xml

windows7-x64

1

callout_cloud.xml

windows10-2004-x64

3

callout_de...le.xml

windows7-x64

1

callout_de...le.xml

windows10-2004-x64

3

callout_shape_2.xml

windows7-x64

1

callout_shape_2.xml

windows10-2004-x64

3

callout_shape_4.xml

windows7-x64

1

callout_shape_4.xml

windows10-2004-x64

3

callout_shape_5.xml

windows7-x64

1

callout_shape_5.xml

windows10-2004-x64

3

callout_shape_6.xml

windows7-x64

1

callout_shape_6.xml

windows10-2004-x64

3

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_de.htm

windows7-x64

1

help_de.htm

windows10-2004-x64

1

help_es.htm

windows7-x64

1

help_es.htm

windows10-2004-x64

1

help_ru.htm

windows7-x64

1

help_ru.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    07-08-2023 20:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    help_cs.htm

  • Size

    54KB

  • MD5

    22d33848ee6cae8aa8c1e90bdcd65226

  • SHA1

    982e9769391e13507289928289f11aa6e5b6c91b

  • SHA256

    b8a728e6bd697922bc23732cd444d25697d418ec6fd7a8cc322029cd71670148

  • SHA512

    25f1415f0b3e9c34fcd7f896b784d340622f74a7ff308c62da8961c1b7fa82f7ff038b54fed3d9a048a67039058d1c9f604f3be56f495288e417eacc034f7822

  • SSDEEP

    768:/3AjqEZHfLqlREwa3CL+9pcYX/wXBSBHz114I8h9KQc3G6mq/zAIjRK0:/4qC/KEwan7/wXBSlD4I8h9KQc3GX0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\help_cs.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2452
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2452 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1616

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    0294fc0d860b00fa04c25d24be8c68da

    SHA1

    2107391fc74e3eb2ffa22fe5acf78aec36257523

    SHA256

    29d51f5af83d3bfc66b36ba6f216c973ec1b8af4c59a158da19042032da847b8

    SHA512

    61c21fa01f904e2c83fed451ea6e871b042823c48ac901e89c6dc295308eb0a584c0b68a68e1e87b6453b4b6cff7bb1863f9c1ac2e94e965dd98fd9450b33ede

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2b467c071f956bcbc882aa1e3ae24869

    SHA1

    b3cb8d3e23832eeae04f1a0dd1a2a1e5ab909080

    SHA256

    a8749fcccae8514af00cda508638c3a76a57186aba4a7a7b6936e44b31b0170c

    SHA512

    e503ecc43b00c8c256eda121761fc9d06a131e7ff2fb106fd8a6d029788db9fc24cac43feb8db60f90ca8609d0cba05f0ad6e941936cc62cc9e2cd6526fd4769

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aae67f6454650d3c69b4290554af3cf3

    SHA1

    85ccd714cab2f6f96ceba3ea5fc1f136521f19e3

    SHA256

    27f6780cebf08c763f233040c69e2e7a45065b9f2b5e59278a0dd3b9d0dc1660

    SHA512

    f8ed507b0a4cb8bfb687404960ffebfe826fb59c66c79c006cdf6257c38e29ed269245267fb9f5363bc01a849c42cf19c999ada8df0b0d95bb0960a129b37ac8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cab0b5a7bd2cb320ae22830e3500fe0f

    SHA1

    fe2ab36351dcf1d7d01aa123821da4aea3dae3df

    SHA256

    14e058af20ed0aeac6bc2caebc2523c0991aeb19fbf2e66c75c4ec2fff3c6008

    SHA512

    7fc23c3a7da61194d0b6bc84c5114604f71b4c9690edf5480993d09413f003565e77fb6e7639f611457247fb8404e4fed13fc203f2f15e4aa332dfcec00d03a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fd3f77352e3aafa226206eacd1a53f9d

    SHA1

    c24684b529029f44616b8f67fbd6ae1bf6375602

    SHA256

    18ea6b5ec2697265d954d4d816bbd837085717c9891b2e70a918c8d34e912d4b

    SHA512

    7247f5f7cb22593518f843738f0956c8d074b5da86085355ed0398d181d01e144ad285c570e620af8e14260f906ee620a732e552fd48b4170fbb338403978e1f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    48aaecbdb6c43e3584f8f5b164ea3f02

    SHA1

    4afef54512ed45dc061725732e7fc600cfc7ee81

    SHA256

    29cc314e9e14b5a071c246156556c65ab0b0ca0508823b6a9c0b366459319be2

    SHA512

    f7ec1c51b0eeb231e5082e5d98769822bed9b9b18f421b38e153f02c5ff1584d0c4b7856976f005ed831e17cd437a04ad029250321f29da308f6392a6e339182

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0966d8b4b3223978b2a670778115dfe2

    SHA1

    f9a934723154a970ab27243ecd2e09bc57314d7a

    SHA256

    0c0c7fdefc621f73feaa6888d9708d829832b66a1176c96a3d29ee3156b95a6a

    SHA512

    07cb8e9ca2c123fb34616b10d2994f0a7fee24666f3d3d92460e307b81236ae33057e32f4acee6552f61b2488639c6020db9dbe602633d48bdd4eb5a2f560398

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b731786867611887e20343f7953c8c36

    SHA1

    68f79bfe87b8ae3a204a713f3bcc398e47de861b

    SHA256

    cb214b5260ce5d7c990c8e129b5ccd7eb65829af02c2b9c7d5887da28a332ca2

    SHA512

    5312d2e301350a280bcbdc50ebf613568b9f549bc3f289a36e5586ece9b70727a1097cfb6c5376e37984ac199b1839ef7b81c8c3d3935c6d926c5965675e8332

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3cbf491b7e5d9998935f2b5ab404a36c

    SHA1

    65ccc405296f51860bc9fa2d59d582784251a0a2

    SHA256

    bfa3e90465f2b192b948f5556aacf511cde36e178b8de507b3c6e3b2bce49dc7

    SHA512

    d9f94b36088e71e3488e420394415b9a4dbe6cdb6eee96fa1763c5ec02037dc0938d941d654095f603053cfa1b7cdfbf3d92ba0699bf428cb56d77a40e295342

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    616cf1ff65571ec3c2c86af51ca2ae6d

    SHA1

    26db31a93c4a1732db826ca43e259e0624ffd011

    SHA256

    abaeacfe34b523cf71f820f4d21f89dca90a7d19526e3ff5cd19b520e75c6511

    SHA512

    72f40e4d40e59e44b6993aea131376d08d1c878b53e706c82e9b62d67860643fef741921fc232e18198513c675a18a97062b8a82e6147a73c47a270ef1caf0df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a13188eee572158a668367909c1ce89f

    SHA1

    c8cc84534a4f0ccb083c0744351aaa33c5684dcd

    SHA256

    41fa3b01dd2d6811b282ad153ce8e2c54cc70328cacc148819027def31dd05e4

    SHA512

    83bf79793508799305ed2af7ec05f37bd1aadd7bc1ee273910d04ee2ba75e4d467f8b366365ff0b535141a9218a26c980c61e9ae622bf153eb94cb1c47a84539

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6338def84774078084c537c9b7197266

    SHA1

    90ef1f193b97d6af9934852a4893a79a5538df01

    SHA256

    3939b7ec573ea882862683308bc99bf7253d8ab13db3e69fff59721b9ba23bb0

    SHA512

    c4f339a074bee6130630b757daa4a89c747dc4b0662e860d82fa71c1dd7b34729339421bdc014468b1424f5d1989fd44b10478dd01204ec9f496d077e9f5e124

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9c3ca651ad52a5d224f228dddde885c7

    SHA1

    d9758e0512487bca93e0bcbf8f454af334fabbe1

    SHA256

    f12cdf508bdd2d920ba5a3e958110ef3e114aea2474813319d32cee20a3511b8

    SHA512

    1e35f14620dff5b08418efcee6118e738971efb080acb6d739f8058092138a1cfd201a2e60f1d9f86c669124978c97c75093174c96df6a2c9b36bccae28f9b65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    30e061ba543c46268d1769c30b81dd5e

    SHA1

    d44b9a3d470b2666542186a77d91e855e06803b6

    SHA256

    bdb052d8bb7c4a916062713115c85c6fa52b8f3d8d48439ff72506f0951411fa

    SHA512

    123d73014027e58b89d221f5c4f02d0c0e370150d471735f3b9ba0e8cb168114344e9102301dc25e9f04f08068d5d99be15bc48df195b104133548013de5ee6b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    90cc67c0326faaf31715c03273e89403

    SHA1

    363cce8a0f5524cec71b8d3d65880bd2e2a6aab7

    SHA256

    436d65c58ffbe61cdd5d31e70160aecf274c69a4e0aae6dd12c8aebf8a004a95

    SHA512

    3c04ee817b940b22675c0205abd7109ced3201513139183ccfdaf5a47154b7f8981b8417b55512238bd81d5978b24bf410f2f85b5c2afdcc4c68893235819dab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4fd4d7f4c8009681f5a098361a900061

    SHA1

    ed90e227e2bac9ea378a0e95aea142f0caca76c8

    SHA256

    6290fc109912118cdcf5e803c18dbb14ea5f0b88a8a56939347a0cf75046f72b

    SHA512

    c2ce70d07b45f0fa9504ce3ceb17cf97992deba1d6a77a99a7edbd87645be79dff0d3e1bf8937aed4d9e2261007a4af5030a6e0a05d38b550185d859eecc7301

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c950099335155f318bc11e36e835fc70

    SHA1

    86137844ff66ce82faec363ec5433ab5979ef706

    SHA256

    ecd1a6f65ed3f0ed200a841f396d40e3f0c090b8a64c371ae773320678cb570c

    SHA512

    0fa2e5fb0db1c1d8a72a17c68ac72ff44a23c5ad1e7440d9cbccc6c64af9dc7ca706208bd7b996d3fd0bd449f7960ce4f33575883912f4e5dd61aae64087b69c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    64f03a15637e1998e8d5e4604a40eeab

    SHA1

    48de2a63d351620202e0b2da4e99bcb9e82885b3

    SHA256

    00aafa0d0246959b7034e43050387121f01aead6b107b9cb302141f242b246f7

    SHA512

    7bc67969640231404b7d1067a9af9fc1c84af86d43361c43e7b33c625b86bb6586ff67034f5722d7633ae7a9126ec1fa0df914d056c0d129500bc7cf8c2a786e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4c6d04b6ddb62a0e6641c118ad395d44

    SHA1

    85c16c3b109631e660f72a86365038a02c5d0f2d

    SHA256

    7fceb438f8e5b2a47ef7ac40aacb3b400b85e2a2df831794b1cab35cec31ab57

    SHA512

    a07434adace7d27deac0061ba8d95edc0752f24a63b879ddcf93670d3f2bd10b17f7d95680ba7f999400a28a744d98b2337ed3486fd513249198c1fd9a4d3ac8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c39931ef141d0ba12d2f55fa5e07f948

    SHA1

    6ad891070a2fb44205bdbec3f150a4598ca547d6

    SHA256

    305e8324ec38e0e6dcd58d7ee06dc3afe95728738a03103e5388c92437dc77b9

    SHA512

    92923fbe80a636c526a509e8af245184106b3db44ec9db808b14100c311a26cab402de2740faf74afab1c5ea78a180a94d083903df9cf56f4754e1fab061146b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8F48.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar918C.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit